diff options
| author | Havoc Pennington <hp@redhat.com> | 2004-07-30 05:59:34 +0000 |
|---|---|---|
| committer | Havoc Pennington <hp@redhat.com> | 2004-07-30 05:59:34 +0000 |
| commit | 1e9b185b0c274ef0d684b1e43418388225321e72 (patch) | |
| tree | 66bb08beb9ea1b4250953294134e2c995f8adf34 /bus/bus.c | |
| parent | 4076d31c71bee332c4a697597a93345b45850b33 (diff) | |
2004-07-24 Havoc Pennington <hp@redhat.com>
SELinux support from Matthew Rickard <mjricka@epoch.ncsc.mil>
* bus/selinux.c, bus/selinux.h: new file encapsulating selinux
functionality
* configure.in: add --enable-selinux
* bus/policy.c (bus_policy_merge): add FIXME to a comment
* bus/main.c (main): initialize and shut down selinux
* bus/connection.c: store SELinux ID on each connection, to avoid
repeated getting of the string context and converting it into
an ID
* bus/bus.c (bus_context_get_policy): new accessor, though it
isn't used
(bus_context_check_security_policy): check whether the security
context of sender connection can send to the security context of
recipient connection
* bus/config-parser.c: add parsing for <selinux> and <associate>
* dbus/dbus-transport.c (_dbus_transport_get_unix_fd): to
implement dbus_connection_get_unix_fd()
* dbus/dbus-connection.c (dbus_connection_get_unix_fd): new
function, used by the selinux stuff
Diffstat (limited to 'bus/bus.c')
| -rw-r--r-- | bus/bus.c | 49 |
1 files changed, 42 insertions, 7 deletions
@@ -29,6 +29,7 @@ #include "policy.h" #include "config-parser.h" #include "signals.h" +#include "selinux.h" #include <dbus/dbus-list.h> #include <dbus/dbus-hash.h> #include <dbus/dbus-internals.h> @@ -403,6 +404,7 @@ process_config_every_time (BusContext *context, { DBusString full_address; DBusList *link; + DBusHashTable *service_sid_table; dbus_bool_t retval; @@ -480,6 +482,11 @@ process_config_every_time (BusContext *context, goto failed; } + service_sid_table = bus_config_parser_steal_service_sid_table (parser); + bus_registry_set_service_sid_table (context->registry, + service_sid_table); + _dbus_hash_table_unref (service_sid_table); + _DBUS_ASSERT_ERROR_IS_CLEAR (error); retval = TRUE; @@ -569,6 +576,13 @@ bus_context_new (const DBusString *config_file, goto failed; } + context->registry = bus_registry_new (context); + if (context->registry == NULL) + { + BUS_SET_OOM (error); + goto failed; + } + if (!load_config (context, FALSE, error)) { _DBUS_ASSERT_ERROR_IS_SET (error); @@ -637,13 +651,6 @@ bus_context_new (const DBusString *config_file, goto failed; } - context->registry = bus_registry_new (context); - if (context->registry == NULL) - { - BUS_SET_OOM (error); - goto failed; - } - context->matchmaker = bus_matchmaker_new (); if (context->matchmaker == NULL) { @@ -958,6 +965,12 @@ bus_context_allow_user (BusContext *context, uid); } +BusPolicy * +bus_context_get_policy (BusContext *context) +{ + return context->policy; +} + BusClientPolicy* bus_context_create_client_policy (BusContext *context, DBusConnection *connection, @@ -1088,6 +1101,28 @@ bus_context_check_security_policy (BusContext *context, if (sender != NULL) { + /* First verify the SELinux access controls. If allowed then + * go on with the standard checks. + */ + if (!bus_selinux_allows_send (sender, proposed_recipient)) + { + const char *dest = dbus_message_get_destination (message); + dbus_set_error (error, DBUS_ERROR_ACCESS_DENIED, + "An SELinux policy prevents this sender " + "from sending this message to this recipient " + "(rejected message had interface \"%s\" " + "member \"%s\" error name \"%s\" destination \"%s\")", + dbus_message_get_interface (message) ? + dbus_message_get_interface (message) : "(unset)", + dbus_message_get_member (message) ? + dbus_message_get_member (message) : "(unset)", + dbus_message_get_error_name (message) ? + dbus_message_get_error_name (message) : "(unset)", + dest ? dest : DBUS_SERVICE_ORG_FREEDESKTOP_DBUS); + _dbus_verbose ("SELinux security check denying send to service\n"); + return FALSE; + } + if (bus_connection_is_active (sender)) { sender_policy = bus_connection_get_policy (sender); |